Filter
Top Products
FortiAnalyzer Version 3.0 MR7 Administration Guide
86 05-30007-0082-20080908
Blocking device connection attempts Device
Test Connectivity does not verify connectivity by Syslog. Syslog is required to
send log messages. To verify Syslog connectivity, trigger FortiGate logs, then go
to Log&Report > Log Access > Remote. Steps required to trigger sending log
messages from the FortiGate unit varies by the log type. For example, event logs
are not configured in the same location as logs resulting from firewall policies and
protection profiles. For more information, see the FortiGate Administration Guide.
When full connectivity is verified, the FortiGate unit can send log and other data to
the FortiAnalyzer unit. For more information about configuring FortiGate unit
quarantining, content archiving, and/or remote logging, see the FortiGate
Administration Guide.
Blocking device connection attempts
Blocking devices prevents them from being able to attempt connections to the
FortiAnalyzer unit.
FortiAnalyzer units support a maximum number of devices, including registered
and unregistered devices combined. For more information, see “Maximum
number of devices” on page 76. You can manually block unregistered devices that
you do not want in the FortiAnalyzer device list to free a spot in the device list.
Devices may automatically appear on your list of blocked devices. This can occur
when devices attempt to connect after the maximum number of allowed devices
has been reached. To resume adding devices, you must first block a device that is
currently on your device list, then unblock the device you want to add, and add it
to the device list.
To view blocked devices, go to Device > All > Blocked Devices.
Figure 4: List of blocked devices
Note: See “Configuring unregistered device connection attempt handling” on page 79 to
prevent unregistered devices from automatically appearing in the device list.
Device ID The name or serial number of the blocked device.
Hardware Model The type of device, such as FortiGate, FortiManager, FortiMail, or
Syslog server.
IP Address The IP address of the blocked device.
Action Select Delete to remove the device from the list of blocked
devices. If the device attempts to connect to the FortiAnalyzer
unit, it may appear in the device list as an Unregistered device,
according to your configuration of Unregistered Device Options.
For more information, see “Configuring unregistered device
connection attempt handling” on page 79.
Select Unblock to add the device to the FortiAnalyzer unit’s device
list. For more information, see “Viewing the device list” on
page 73.
Delete
Unblock